I have a new article up at MSSQLTips.com, covering what someone can do with CONTROL SERVER. Most folks know to look for changes in the sysadmin role. Knowing this, if I want to cover my tracks, I don't want to give a login that membership. However, a lot of folks don't look for CONTROL SERVER permissions, and this is a mistake. The article shows the exploit that someone with CONTROL SERVER (or who is a member of the securityadmin role) can use to escalate privileges on the server.
Potential Security Exploit Using CONTROL SERVER permissions in SQL Server
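
To put CONTROL SERVER and securityadmin on the same review list as sysadmin, an audit query along these lines can be run on each instance. It is an added example, not taken from the post or the linked article; the column aliases are illustrative, and it only reads the standard catalog views.

```sql
-- Added example: list every server principal that is a member of sysadmin or
-- securityadmin, or that has been granted CONTROL SERVER directly.
SELECT p.name                                         AS principal_name,
       p.type_desc                                    AS principal_type,
       p.is_disabled                                  AS is_disabled,
       ('ROLE: ' + r.name) COLLATE DATABASE_DEFAULT   AS granted_via,
       CAST(NULL AS sysname)                          AS grantor_name
FROM sys.server_role_members AS m
JOIN sys.server_principals   AS r ON r.principal_id = m.role_principal_id
JOIN sys.server_principals   AS p ON p.principal_id = m.member_principal_id
WHERE r.name IN (N'sysadmin', N'securityadmin')

UNION ALL

-- Explicit server-level grants of CONTROL SERVER, with or without GRANT OPTION.
-- A DENY row is excluded here because it removes rather than confers the permission.
SELECT p.name,
       p.type_desc,
       p.is_disabled,
       ('PERMISSION: ' + sp.permission_name + ' (' + sp.state_desc + ')')
           COLLATE DATABASE_DEFAULT,
       g.name
FROM sys.server_permissions AS sp
JOIN sys.server_principals  AS p ON p.principal_id = sp.grantee_principal_id
JOIN sys.server_principals  AS g ON g.principal_id = sp.grantor_principal_id
WHERE sp.class_desc = 'SERVER'
  AND sp.permission_name = 'CONTROL SERVER'
  AND sp.state_desc IN ('GRANT', 'GRANT_WITH_GRANT_OPTION')

ORDER BY principal_name, granted_via;
```

A grant made to a Windows group or a user-defined server role shows up under that group or role, so its members need to be expanded separately.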